F. GEOLOCATION DATA. 1. We immediately gather geolocation information from users of my children’s software, but i actually do maybe perhaps maybe not utilize this information for any such thing.

Have always been we accountable for notifying moms and dads and getting their permission to such collection?

Yes. COPPA covers the assortment of geolocation information, not merely its disclosure or use.

2. Wemagine if I give my users an option to show down geolocation information? Do I nevertheless need certainly to alert moms and dads to get consent that is prior parental?

COPPA was designed to inform moms and dads and provide them the decision to consent. Consequently, it isn’t adequate to supply such notification and option towards the youngster individual of a webpage or solution. In the event that operator promises to gather geolocation information, the operator will undoubtedly be accountable for notifying moms and dads and getting their permission just before such collection.

3. The amended Rule covers “geolocation information adequate to recognize road title and title of town or city. ”

Let’s say my children’s software just collects coarse geolocation information, tantamount to collecting a connecting singles ZIP rule but absolutely nothing more particular?

COPPA will not need an operator to inform moms and dads and get their permission before gathering the sort of coarse geolocation services described. Nonetheless, the operator ought to be quite sure that, in all instances, the geolocation information it gathers is more basic than that adequate to spot road name and title of city or city.

4. The geolocation information we collect through my application provides coordinate figures. It doesn’t particularly determine a road title and title of town or city. Do i need to alert moms and dads and get their permission in this situation?

COPPA covers the number of geolocation information “sufficient” to identify road title and title of town or town. It doesn’t need the address that is actual of these information during the time of collection. An example where COPPA will be triggered is where an app takes the user’s longitude and latitude coordinates and translates them up to an exact location on a map.


1. Am I responsible if kiddies lie about what their age is through the enrollment procedure to my audience that is general internet site?

The Rule doesn’t require operators of basic market web web web sites to analyze the many years of people to their web web web sites or solutions. See 1999 Statement of Basis and Purpose, 64 Fed. Reg. 59888, 59892. Nevertheless, operators will soon be held to possess obtained real understanding of having gathered information that is personal from a youngster where, as an example, they later observe a child’s age or grade from a concerned moms and dad who’s got discovered that their son or daughter is participating on the internet site or solution.

2. I’ve an on-line solution that is meant for teens. How can COPPA impact me personally?

While you might want to run a “teen service, ” in truth, your website may attract a considerable amount of kiddies under 13, and therefore might be regarded as being a “Web web web site or service that is online to children” under the Rule. In the same way the Commission considers a few facets in determining whether a website or solution is directed to young ones, you too must look into your service’s matter that is subject artistic content, character alternatives, music, and language, among other activities. Then your service is “directed to kids. In the event the solution goals kids as you of its audiences – even in the event young ones are not the primary audience –”

The amended Rule allows you to employ an age screen in order to provide COPPA’s protections to only those visitors who indicate they are under age 13 in circumstances where children are not the primary audience of your child-directed service. Keep in mind that web web sites or services directed to children cannot utilize the age display screen to block kids under age 13. See FAQ D. 2 above. When you identify child visitors, you might elect to:

  1. Collect moms and dads’ online contact information to offer direct notice in purchase to get parents’ consent to your details collection, usage and disclosure methods; or
  2. Direct kid people to content that will not include the collection, use, or disclosure of information that is personal.

3. Am I able to block kiddies under 13 from my basic market site or service that is online?

Yes. COPPA will not need one to allow young ones under age 13 to be involved in your present market web site or service that is online and you might block kids from participating in the event that you so select. By comparison, may very well not block kiddies from taking part in an online site or online solution that is directed to kiddies as defined because of the Rule. See FAQ D. 2 above.

If you decide to block kiddies under 13 in your basic market website or solution, you should make sure to design your actual age display in a fashion that will not encourage kids to falsify their many years to get usage of your web site or service. Ask age information in a manner that is neutral the point where you ask visitors to offer private information or even produce a person ID.

In designing a basic age-screening procedure, you should think about:

  • Making certain the info access point enables users to enter how old they are accurately. A good example of an age-screen that is neutral be a method which allows a user easily to enter thirty days, time, and 12 months of delivery. A website which includes a menu that is drop-down only permits users to enter delivery years making them 13 or older, wouldn’t be considered a basic age-screening process since kids cannot enter their proper many years on that web web site.
  • Avoiding encouraging kids to falsify what their age is information, for instance, by saying that site visitors under 13 cannot participate or should ask their parents before participating. In addition, merely including a check package stating, “I am over 12 yrs. Old” wouldn’t be considered an age-screening mechanism that is neutral.

In addition, in keeping with long standing Commission advice, FTC staff advises employing a cookie to stop kiddies from back-buttoning to enter a various age. Remember that then you fail either to screen out children under age 13 or to obtain their parents’ consent to collecting these children’s personal information, you may be liable for violating COPPA if you ask participants to enter age information, and. See, e.g., the FTC’s COPPA instances against Path, Inc., Playdom, Inc. And Sony BMG musical Entertainment.

4. I run a basic market video gaming web site and never ask people to expose their many years. I actually do allow users to submit feedback, commentary, or concerns by e-mail. Exactly what are my duties that he is under age 13 if I receive a request for an email response from a player who indicates?

Underneath the Rule’s one-time reaction exclusion (16 C.F.R. § 312.5(c)(3)) you might be allowed to deliver a reply towards the youngster, through the child’s online contact information, without delivering notice to your moms and dad or acquiring consent that is parental. But, you have to delete the child’s online contact information from your own documents immediately when you deliver your reaction. You might not utilize the child’s online contact information to re-contact the son or daughter (or even for some other function), or disclose the child’s online contact information. Remember that in the event that you choose to not react to the child’s inquiry, you have to nevertheless immediately delete the child’s information that is personal from your own documents. Also, such a contact can provide you real knowledge if you had previously collected the child’s email address as part of a website registration process) that you have collected personal information from a child (e.g.,. Such a scenario, you will have to do something to make sure that you might be complying with COPPA, such as for example getting parental permission or instantly deleting any information that is personal gathered through the kid.